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REMARKS 

Claims 1-30 were examined and rejected in this case. Claims 1, 2, 5-16, 21, 22, 
24-30 are being amended. Reconsideration of the application as amended is respectfully 
requested. 

Applicant requests the Examiner to enter the above amendments to the 
Specification. No new matter is being added. In particular, Applicant is amending 
element 387 in FIG. 3 and throughout the Specification to replace the term "web engine" 
with "web server." The Specification describes the web engine 387 as a web server. For 
instance, the web server 387 includes the servlet host engine which serves the 
downloaded applets and includes the web page data being displayed on the global 
server's web page. Applicant is providing a copy of FIG. 3 with the changes marked in 
red, a clean copy and a letter to the chief draftsman. 

Claim Rejections under 35 USC § 101 

In paragraphs 1 and 2, the Examiner rejected claims 1-29 as non-statutory, 
asserting that they are directed to computer programs per se. The Examiner further 
asserts that "data structures" that are not claimed as embodied in computer-readable 
media are descriptive material, because they are not physical things or statutory 
processes. Applicant respectfully traverses. 

First, computer routines are not merely data structures. The Computer Dictionary, 
2 nd edition, published by Microsoft Press (1994) defines the term "data structure" to be 
"An organizational scheme, such as a record or an array, applied to data so that it can be 
interpreted and so that specific operations can be performed upon the data." In other 
words, a data structure is organized data. As admitted by the Examiner, the claims are 
directed to "a collection of software routines." 

Second, in State Street Bank & Trust Co. v. Signature Financial Group, Inc. , 149 
F.3d 1368 (Fed. Cir. 1998), the Federal Circuit Court noted that a mathematical algorithm 
applied in a "useful" way is patentable subject matter. The Court further states that, 
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"[t]he question of whether a claim encompasses statutory subject matter should not focus 
on which of the four categories of subject matter a claim is directed to—process, machine, 
manufacture, or composition of matter— but rather on the essential characteristics of the 
subject matter, in particular, its practical utility." The embodiments claimed herein claim 
systems and methods for enabling access to computer services. The systems and methods 
are clearly useful, and thus patentable. 

Third, as described in the Specification and as recognized by the Examiner, the 
systems and methods may be performed by computer programs. As stated on page 26, 
line 22, the components may alternatively be implemented using application specific 
integrated circuits instead of computer programs. Accordingly, it will be appreciated that 
the systems and methods are not limited to just software alternatives. 

Accordingly, Applicant respectfully submits that the claims are directed to 
statutory subject matter. 

Observations with Respect to Claim Language 

In paragraph 3, the Examiner noted that the system claims include "intended use" 
language, e.g., "a keysafe for. . .". In paragraph 4, the Examiner noted that "applet" was 
intended to means program executable on the client and "servlet" was intended to mean 
program executable on the client. Applicant agrees with the Examiner's definitions. 

Claim Rejections under 35 USC § 1 12 

In paragraph 5 and 6, the Examiner rejects claims 1-14, 16, 18, 21, 22 and 25 
under 35 USC § 1 12 as indefinite. 

More particularly, the Examiner asserts that method steps or system elements 
should not be couched in "wherein" clauses as "wherein" describe a negative recitation. 
Applicant is unaware of any rule precluding "wherein" clauses. In fact, practitioners 
generally use "wherein" clauses, and instructors generally teach "wherein" clauses. 
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Attached please find a sub-chapter from "How to Write a Patent Application" by Jeffrey 
Sheldon describing proper dependent claim format. Jeffrey Sheldon writes "When a 
dependent claim is used to modify or qualify a previously introduced element, the 
transitional phrase 'wherein 5 or 4 in which' is used to signify the relationship between the 
two claims." Further, Webster's dictionary defines "wherein" as "in what" or "in which." 
Neither definition describes a negative recitation. In fact, MPEP section 608.0 l(n) lists 
acceptable multiple dependent claim wording that include the language "in which," 
which, as stated above, is equivalent of "wherein." 

The Examiner rejects the term "engine" as undefined and is unsure how the term 
differs from other programs or processes. The Specification employs the term "engine" 
on several occasions. For example, the Specification describes "a communications 
engine," "an encryption engine," "an applet engine," etc. As illustrated in the 
embodiment of Figure 2, each of these engines are stored in RAM. This clearly indicates 
that the engines in this embodiment are software code. Further, the Computer Dictionary, 
2 nd edition, published by Microsoft Press (1994) defines the term "engine" to include 
"The portion of a program that determines how the program manages and manipulates 
data." Still even further, the Applicant states on pages 26 and 27 that software portions of 
the invention may use Application Specific Integrated Circuits (ASICs) or equivalents. It 
is therefore clear from the Specification, the figures and common usage that the term 
"engine" describes program code, ASICs or equivalents for causing a computer to 
perform a specific function. 

The Examiner rejected claims 2, 8, 16 and 22 as improperly containing the term 
"technology." Applicant has deleted the term "technology" from the claims. 

The Examiner rejected claims 7 and 21 asserting that the term "global certificate" 
is not defined. Applicant has amended the claims to replace the term "global certificate" 
with "public key certificate." 

The Examiner rejected claim 10 asserting that the term "corporate firewall" is 
undefined. Applicant is amending the claim to delete the term "corporate." 
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The Examiner rejected claims 1 1 and 25 asserting that the term "global firewall" 
is undefined. For simplicity, the term "global" is merely being used as an adjective to 
describe an element relating to the global server. As shown, the "global server" is a 
server that is accessible from any connected site in the world. Thus, the "global firewall" 
is intended to be a firewall protecting the global server. Applicant is amending the claims 
to delete the term "global." 

The Examiner rejected claims 2-10 and 13 as improper hybrid claims, and 
indicates that it is unclear whether the dependent claims mean to include the limitations 
set forth therein. The dependent claims further define the elements set forth in the 
independent claim. As stated above, "wherein" clauses are proper. 

Objection to the Specification under 35 USC § 1 12 

In paragraphs 7 and 8, the Examiner rejected claims 1-30 under 35 USC § 1 12 as 
containing subject matter that was not enabled in the Specification. More particularly, 
the Examiner asserted that Applicant did not teach details of the communications engine 
of claim 1, the servlet host engine of claim 1, the means for providing the applets of claim 
29 and 30, and the method of providing the applet of claim 15. 

On page 12 line 21 to page 13 line 2, the Specification describes a 
communications engine as an engine that generates and transfers message packets to and 
from the Internet via a communications interface. Claim 1 indicates that the 
communications engine creates the link with the client. Claim 2 indicates that the 
communications engine may use SSL. Claim three indicates that the communications 
engine may use encryption protocols. Claim 4 indicates that the communications engine 
may use public key certificates. Applicant submits that one skilled in the art readily 
knew different protocols, including circuit switching and packet switching, for 
communicating information across a network between a server and a client. Similarly, 
one skilled in the art readily knew the conventional widely used TCP/IP internet protocol, 
and that this protocol includes rules for format, error handling, handshaking, switch 



10 



Our Docket No. 40827.4 



failures, etc. Further, Applicant has incorporated by reference co-pending patent 
application, serial number 08/766,307, entitled "System and Method for Globally 
Accessing Computer Services," filed on December 13, 1996, by inventors Riggins et al. 
This reference describes the process of enabling access to services without concerns of 
security. No undue experimentation to implement a communications engine would be 
necessary. 

On page 16 line 1 to page 17 line 13, the Specification describes a servlet host 
engine as software code that downloads the appropriate applets to the client for execution 
on the client, and that selects the appropriate corresponding servlets for execution on the 
server to communicate with the downloaded applets. Applet-handling server code such 
as servlets were known before the filing of this application. According to the article 
"Servlet Sandbox" published on November 11, 1996, servlets are used to extend the web 
server, similar to the way that applets extend the web browser. As indicated by the article 
"Java Servlet Application Programming Interface White Paper" published on November 
12, 1996, servlets are Java objects that extend the functionality of information servers and 
can be thought of as server-side applets. The article identifies the difference between 
applets and servlets by indicating that servlets are faceless objects without a user 
interface. As indicated by the article "Jeeves Alpha 2 Release Notes" published on 
November 1 1, 1996, servlets may provide user interface capabilities. As indicated by the 
attached article "Overview of the Java HTTP Server Architecture" published on 
November 12, 1996, servlets are similar to applets in that they are object bytecodes that 
can be dynamically loaded off the net. The article further indicates that servlets are 
identified by a URL address or class name. According to the article "Frequently Asked 
Questions (FAQ) about Jeeves" published on October 2, 1996, servlets serve as platform 
independent dynamically loadable pluggable helper bytecode objects on the server side. 
No undue experimentation to implement a servlet host engine would be necessary. 

On page 13, lines 6-13, the Specification describes an applet engine that handles 
and executes downloaded applets. In the Specification, Applicant cited Netscape 
Navigator™ and Internet Explorer™ as examples of browsers having an applet engine. 



11 



Our Docket No. 40827.4 



Applet-enabled web browsers were available from at least as early as 1995, i.e., from 
about two years before this application was filed. For Java environments, these 1995 
browsers included a Java Interpreter for interpreting applet bytecode, a Java verifier to 
check for security issues, and run-time systems for executing the applets. In fact, page 
896 of the article "Using Netscape 2," copyright 1995, by Mark Brown, which was cited 
by the Examiner, explains how Netscape runs Java applets. Further, Applicant has 
incorporated by reference co-pending patent application, serial number 08/766,307, 
entitled "System and Method for Globally Accessing Computer Services," filed on 
December 13, 1996, by inventors Riggins et al. This reference describes the process of 
enabling access to services without concerns of security. No undue experimentation to 
implement an applet engine would have been necessary. 

The Examiner again asserted that it is not clear how the term "engine" differs 
from other programs or processes. As stated above, the Specification employs the term 
"engine" on several occasions, e.g., "a communications engine," "an OS configuration 
engine," "an applet engine," etc. As illustrated in the embodiment of Figure 2, each of 
these engines are stored in RAM. This clearly indicates that the engines in this 
embodiment are software code. Further, the Computer Dictionary, 2 nd edition, published 
by Microsoft Press (1994) defines the term "engine" to include "The portion of a program 
that determines how the program manages and manipulates data." Still even further, the 
Applicant states on pages 26-27 that software portions of the invention may use 
Application Specific Integrated Circuits (ASICs) or equivalents. It is therefore clear from 
the Specification, the figures and common usage that the term "engine" describes 
program code, ASICs or equivalents for causing a computer to perform a specific 
function. 

The Examiner asserted that the applets, servlets, key management and the three 
modes of operation are not taught in sufficient detail to be enabling. Applicant has 
incorporated by reference co-pending patent application, serial number 08/766,307, 
entitled "System and Method for Globally Accessing Computer Services," filed on 
December 13, 1996, by inventors Riggins et al. This incorporated reference describes the 
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process of enabling access to services, key management, applets, servlets and the three 
modes of operation without concerns of security. 

Per MPEP 2164.01(b) and In re Fisher , 427 F.2d 833, 839, 166 USPQ 18, 24 
(CCPA 1970), "As long as the Specification discloses at least one method for making and 
using the claimed invention that bears a reasonable correlation to the entire scope of the 
claim, then the enablement requirement of 35 U.S.C. 1 12 is satisfied." Applicant has 
described a method of making and using the invention, namely, using downloadable code 
such as Java applets and corresponding server code such as Java servlets to enable access 
to a service across the network. Accordingly, for at least the above reasons, Applicant 
respectfully submits that the written description and enablement requirements of 35 USC 
§112, first paragraph, have been satisfied. 

Claim Rejections under 35 USC § 103 

Before addressing the rejections, a brief review of Applicant's invention is 
helpful. Applicant's invention is directed at a secure system and method for maintaining 
a central site, i.e., a global server, which stores downloadable connection information, a 
key and downloadable interface information to many services. An authorized user can 
access the server from any remote site having a browser, and can request a connection to 
one of the services. The central site downloads corresponding Downloadable code and a 
key to enable the remote site to identify and establish a connection to and to communicate 
with the selected service. The location of the service need not be known by the user or the 
remote site. The interface to the service need not be previously loaded onto the remote 
site. The user need not port any software or service addresses. Because of the security 
services provided by the global server, the particular downloadable code sent to the user 
can based on the user's privileges. Accordingly, the applet may select the type of 
connection with the service. For example, a trusted user may be provided with a direct 
connection to the service. A less trusted user may be provided with a proxy connection to 
the service. An untrusted user may not be connected to the service at all. 
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35 USC § 103 Rejection over Vogler in view of Brown 

In paragraph 10, the Examiner rejected claims 1-30 as being unpatentable over 
Vogler in view of Brown (i.e., "Using Netscape 2"). 

Vogler discusses establishing a connection with a client, sending an applet to to 
the client to facilitate the connection to the CAD tool server. The applet being sent is 
NOT related to the privileges of the user. Accordingly, Vogler does not teach "a servlet 
host engine coupled to the security services for providing to the client based on the client 
privileges, an applet which enables I/O with a service," [emphasis added] as similarly 
claimed in each of the independent claims. Brown discusses SSL and public key 
certificates. However, Brown also does not describe providing the client an applet based 
on the client privileges. 

Accordingly, Applicant respectfully submits that, for at least the above-identified 
reasons, independent claims 1, 1 5, 29 and 30 are allowable over Vogler in view of 
Brown . For at least the same reasons, Applicant respectfully submits that dependent 2-14 
and 16-28 are also allowable over Vogler in view of Brown . Applicant respectfully 
requests that the rejection under § 103(a) of claims 1-30 as unpatentable over Vogler in 
view of Brown be withdrawn. 

35 USC § 103 Rejection over Weber 

In paragraph 1 1, the Examiner rejected claims 1-30 under 35 USC § 103 as 
unpatentable over Weber . 

Weber teaches obtaining generic vPOS software to interface with banks, and 
customization software to interface with a particular bank. Weber does not teach 
"security services" to obtain user privileges, an engine for downloading code based on the 
user privileges to enable I/O with a service, or a keysafe storing a key for establishing a 
connection with a service, the location of which may be unknown. 

Col. 57 lines 20 et seq. discuss an overview of the vPOS architecture as including 
a terminal interface CGI connected across an internet to a vPOS OLE server, which is 
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connected to a gateway server. The overview highlights the notion of customization of 
the vPOS, interaction and authentication. However, the vPOS is located on the merchant 
computer, not on the user's computer . The vPOS is previously loaded onto the 
merchant's computer and is not downloadable at runtime . The vPOS is customized per 
bank specifications, not per user specifications . There is no central site storing service 
identifiers and corresponding Downloadable code . 

Col. 61 lines 61-67 indicate that bank-specific customization software can be 
downloaded to customize the vPOS software for a particular bank. According to lines 
56-57, the vPOS software is "already-obtained." The vPOS software is not downloaded 
on the fly and still needs to be customized by customization software, so that the vPOS 
software can interface with a particular bank. 

Col. 62 lines 15-18 discuss that the merchant can connect to the VeriFone Test 
Gateway by selecting the option from the vPOS terminal home page, after the certificate 
has been installed in the merchant's computer. The language does not teach receipt of 
Downloadable code for connecting to the and interfacing with a service corresponding to 
a selected service. 

Accordingly, Applicant respectfully submits that, for at least the above-identified 
reasons, independent claims 1, 1 5, 29 and 30 are allowable over Weber . For at least the 
same reasons, Applicant respectfully submits that dependent 2-14 and 16-28 are also 
allowable over Weber . Applicant respectfully requests that the rejection under § 103(a) 
of claims 1-30 as unpatentable over Weber be withdrawn. 
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If the Examiner has any questions or needs any additional information, the 
Examiner is invited to telephone the undersigned attorney at (650) 843-3392. 

If for any reason an insufficient fee has been paid, the Assistant Commissioner is 
hereby authorized to charge the insufficiency to Deposit Account No. 05-0150. 



Respectfully Submitted, 
Riggins 



Dated: 




Graham & James LLP 
600 Hansen Way 
Palo Alto, CA 94304-1043 Marc A. Sockol 

650-856-6500 Attorney for Applicants 

Reg. No. 40,823 
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